An Ottawa-based bitcoin exchange has been defrauded of more than $100,000 worth of the cyber currency in a heist that was anything but sophisticated.

The Ottawa police are investigating an Oct. 1, 2013, incident at Canadian Bitcoins, when someone opened an online chat session with a technical support worker at Granite Networks, now owned by Rogers Communications, and claimed to be Canadian Bitcoins owner James Grant.

He claimed to have a problem with a server and asked the attendant to reboot it into recovery mode, allowing him to bypass security on the server.

“It’s ridiculous,” said the real James Grant when asked about the incident. “There was absolutely zero verification of who it actually was.”

According to a text copy of the chat session obtained by the Citizen, at no point during the nearly two-hour-long conversation was the caller asked to verify his identity. After being asked, the technical support worker gained access to Grant’s locked server pen, plugged in a laptop and then manually gave the fraudster access to Canadian Bitcoins servers, where he cleaned out a wallet containing 149.94 bitcoins, valued at around $100,000.

Grant said the damage could have been far worse. But Canadian Bitcoins only keeps a small amount of the currency in its active online wallet to allow for small trades and transfers. The vast majority of customers’ bitcoins are securely stored in an inactive wallet which is locked in a safety deposit box. To access those reserves, customers must leave notice.

Canadian Bitcoins covered the $100,000 loss out of their own pocket, Grant said, and moved to get their computer equipment out of the facility.

Rogers acknowledged the incident.

“The situation surrounding this customer is unique to this customer, and does not apply to any other customer of Rogers Data Centres. Rogers has been fully co-operative with authorities in the investigation,” according to a statement from the company. “Rogers Data Centres provides the highest level of security in the Canadian data centre industry. Its security protocol is operationally certified and in accordance with industry best practices. We have reviewed our security processes and continue to work with our customers to make sure they take advantage of all of our security features.”

Rogers said it has offered Canadian Bitcoins a “credit” as a result of the situation. Grant said the credit was nowhere near sufficient to cover the company’s loss and as a result his firm is contemplating legal action.

After the intrusion, Grant said he noticed the server had been rebooted several times, but couldn’t access it from the company’s offices. The company’s servers are configured so they are only accessible from Canadian Bitcoins’ head office in Nepean.

In order to check the servers himself, he needed to call two hours in advance to alert Rogers officials about his visit. He then needed a key card to enter the building, enter the lobby, activate the retinal scanner, pass through two more sets of locked doors and then he had to provide a numeric code to unlock the padlocked gate on the cage of his servers.

His experience was the complete opposite of the fraudster’s.

“It’s completely ridiculous,” said Grant. “All they did was go on the chat session and say, ‘Hi, I’m James Grant and I have a server with you’ and the data centre said, ‘Yes you do, what can we do for you?’”

Canadian Bitcoins is the latest bitcoin exchange to be successfully targeted by thieves. Japanese Mt. Gox was forced out of business last month after hackers successfully infiltrated the exchange’s security and stole as much as $468 million US worth of bitcoin. Earlier this month, Edmonton-based Flexcoin was forced to close after hackers stole as much as $600,000 worth of the cyber currency.

Several other online bitcoin exchanges have reported that they are under pressure from hackers.

David Girard, senior security adviser for Trend Micro Canada, said while many of the attacks against other exchanges have been sophisticated, the way that Canadian Bitcoins’ wallet was accessed shouldn’t have happened.

“The guy at the data centre should have figured out that he was being phished,” said Girard, referring to a method of prodding personal information from a target. “He does everything that the person (online) is asking without authenticating the person by having him tell him his secret password, reveal his identity or call him back on a list of users authorized to be called back. You need to have some way of authenticating when you work in a data centre.”

Girard said this isn’t the first time he’s seen security breached in this manner. As security becomes more sophisticated, hackers are looking for weak links, which are usually people working within the organization they are targeting. By “socially engineering” attacks against specific individuals, hackers are being far more successful than they should be.

Rogers bought Granite Networks for $6.25 million in late September. The data breach happened while the facility was still in the process of being transitioned to Rogers ownership.

The 28,000-square-foot centre, located on Hazeldean Road in Bells Corners, was built to some of the highest security standards in the industry.
